Today sees a global IT outage that has spread across transport, and broadcasters and hit many businesses, who have been forced to take their businesses offline.
Flights are affected at major airports in countries such as Australia, Germany, the UK, India, Japan, and US, with boarding screens offline at airports and similar disarray at many public transport stations.
⚠️ Due to IT issues across the South Western Railway network all ticket vending machines are currently non operational.
Please purchase your ticket online, on the train or speak to a member of station staff.
We apologise for the inconvenience this causes.
— SWR Help (@SW_Help) July 19, 2024
Media broadcasters in the UK and Australia have also been affected:
The London Stock Exchange was also affected and shared the news on their website:
"RNS news service is currently experiencing a 3rd party global technical issue, preventing news from being published on www.londonstockexchange.com.
Technical teams are working to restore the service. Other services across the Group, including London Stock Exchange, continue to operate as normal."
The exchange’s parent company news and data platform Workspace, also suffered an outage that has affected user access worldwide.
The outage has also affected healthcare providers in UK, with some unable to access their clinical software:
MAJOR ISSUE – NO ACCESS TO CLINICAL SYSTEM – NATIONAL PROBLEM
We have reported this problem to our clinical system provider and understand this is a nationwide problem.PLEASE CONTACT NHS 111 FOR MEDICAL HELP WHILE THE ISSUE IS BEING RESOLVED. pic.twitter.com/qVSMB8Cdou
— Grimethorpe Surgery (@GrimethorpeSur1) July 19, 2024
According to Microsoft, the outage started at about 12 am CET on Friday, with a subset of its customers experiencing issues with multiple Azure services in the Central US region. Azure is a cloud computing platform that provides services for building, deploying, and managing applications and services.#
Accoridng to cybersecurity experts, CrowdStrike, antivirus software that provides advanced cybersecurity solutions to Windows PCs, is the source of the problem.
According to Dmytro Tereshchenko, Head of Information Security Department at Sigma Software Group
"The CrowdStrike failure has significantly impacted many organisations globally. This includes critical sectors such as banking, stock exchanges, airports, and emergency services.
Recovery protocols are in place for those affected, though a comprehensive restoration across many entities will likely be a protracted process."
He notes that for cybersecurity professionals, this incident isn’t something new and unexpected.
It underscores a known issue within our highly interconnected supply chains. A disruption to any key supplier can indeed have extensive repercussions, affecting a broad spectrum of systems and services.
While this situation is neither unprecedented nor unexpected, the timeline for complete recovery remains uncertain. We clearly understand the problem’s scale, but precise recovery estimates are still forthcoming."
Al Lakhani, CEO of IDEE, told us that while many people might be thanking Microsoft for their accidental day off, this incident underscores the importance of businesses thoroughly researching and vetting their cybersecurity solutions before implementation.
"Microsoft clearly fell short in this regard, and we are witnessing a cascade of operational failures around the world as a result.
"CrowdStrike’s platform approach, which relies on a single agent focused on detection, might seem good at first glance, but as we can see, it can create significant issues. For instance, agents require installation and maintenance of software on multiple different OSes, adding layers of complexity and potential points of failure.Moreover, agents can become a single point of failure, as a bad update can compromise the entire network, as seen with the SolarWinds attack.
"The lesson here is blindingly obvious: investing in cybersecurity is not just about acquiring the latest or most popular tools but ensuring those tools are reliable and resilient. This is why businesses must prioritise agentless solutions like MFA 2.0, which reduce the risk of widespread failures and ensure more resilient defences."
Update: 15:30pm CET
"This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed,"
CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed. We…
— George Kurtz (@George_Kurtz) July 19, 2024
Notably, the post, falls short of offering an apology to the businesses and people affected, much less acknowledge the time dev teams will have to take to remediate.
Would you like to write the first comment?
Login to post comments